General

  • Target

    2e459ad5ee17a9a524febf73b83b8e51c79a2f1526d41ed48866a027ad52105cN

  • Size

    171KB

  • Sample

    241006-fqccgatbml

  • MD5

    a8f7808175259f8d52064f9c23b79850

  • SHA1

    3d527a3369a27f248f1d1b8abbc0ddd20a09a48e

  • SHA256

    2e459ad5ee17a9a524febf73b83b8e51c79a2f1526d41ed48866a027ad52105c

  • SHA512

    687ed768d1487b0bc663a439bc69cc2873e406689cd38394aad295414c9788ef4fd255fd4b966fcf9ffbeef6d056797c952a17c9a9d1b4abb03bf7cc868e1353

  • SSDEEP

    1536:V7Zf/FAxTWY1++PJHJXA/OsIZfzc3/Q8zxY5z7Zf/FAxTWY1++PJHJXA/OsIZfzt:fnyiQSox5RnyiQSox5X

Malware Config

Targets

    • Renames multiple (4086) files with added filename extension

      This suggests ransomware activity: the files on the system are being encrypted and renamed.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.

MITRE ATT&CK Enterprise v15

Tasks